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Asynchronous message system for menu-assisted resource control program 
US Pat. 6009175 - Filed Jun 27, 1997 - Unisys Corporation 
A secure message transmission system in a Kerberos environment which permits a 
client ... to an earlier request for an authentication message code signal, ... 

Non pre-authenticated kerberos logon via asynchronous message mechanism 

US Pat. 7024692 - Filed Jan 21 , 2000 - Unisys Corporation 

The system of claim 4 wherein said Kerberos Support Library (34) includes: ... 

responded to an earlier request for an authentication message code signal, ... 

Messag e control system for mana ging message res ponse in a kerberos environment 

US Pat 6003136 - Filed Jun 27, 1997 - Unisys Corporation 

A secure message transmission system in a Kerberos environment which permits a 
client ... to an earlier request for an authentication message code signal, ... 



|kerberos "authentication message" key \ j Search Patents | 
Goog le Patent Search Hel p | Advanced Patent Search 



Google Home - About Google - About Goo g le Patent Search 
©2007 Google 



Web Images Video 



News Maps Gmaii more ▼ Sign in 



Google 



(ticket kerberos key authentication network sec Search Patents | 




r Return patents filed anytime 



Patent Search beta 



<* Return patents filed between |Jan Fj [1980 jjj and |Dec >j (2002^ 



Patents Patents 1 



33 on ticket kerberos key authentication network secure public server client. (0.02 s 



Yaksha, an improved system and method for securing communications using s p lit private 
key ... 

US Pat. 5535276 - Filed Nov 9, 1994 - Bell Atlantic Network Services, Inc. 
When the client wishes to obtain a ticket to access server 50, ... Finally, 
Kerberos was designed to provide authentication and key- exchange, ... 

Electron ic information network user authentication and authorization system 

US Pat 5590199 - Filed Oct 12, 1993 - The Mitre Corporation 

It is based upon the use of a trusted authentication server to provide "tickets" for 

... Unlike the ticket, the authenticator is built by client Kerberos. ... 

Rig hts management system for digital media 
US Pat. 6006332 - Filed Oct 21, 1997 - Case Western Reserve University 
The RM system A provides a password for the Kerberos server and Kerberos 60 ... 
, As an alternative external authentication, public key certificates— such as ... 

Method for providing secure remote command execution over an insecure computer network 

US Pat. 5923756 - Filed Feb 12, 1997 - GTE Laboratories Incorporated 
This certificate contains the network server's public key and a list of one ... 
The Kerberos Initialization Client 780 sends a request for a ticket-granting ... 

Authentication method to enable servers using public key authentication to obtain user- 
dele gated ... 

US Pat. 6643774 - Filed Apr 8, 1999 - International Business Machines Corporation 
This means the Kerberos server would need to securely maintain the private ... 
where a client communicates directly with a Kerberos server using public key ... 

System for providing secure remote command execution network 

US Pat. 61 98824 - Filed May 11,1 999 - Verizon Laboratories Inc. 

This certificate contains the network server's public key and a list of one ... 

The Kerberos Initialization Client 780 sends a request for a ticket-granting ... 

Com puter system for securin g communications usin g split private key asymmetric 
cryptography ... 

US Pat. 5737419 - Filed Jun 7, 1996 - Bell Atlantic Network Services, inc. 

Die- However, in some cases the client may request mutual well-known that many 

systems (eg UNIX or Kerberos), authentication, in which case the server 50 ... 

Mechanism for secure tenderin g in an open electronic network 

US Pat. 6363365 - Filed Dec 7, 1998 - International Business Machines Corp. 
Third party authentication is one way to secure commu- go nications between a 
client and server over an open network. One well known trusted third party ... 

Method and a pparatus providing secure initialization of network devices usin g a 
cryptographic ... 



US Pat. 7181620 - Filed Nov 9, 2001 - Cisco Technology, Inc. 

Therefore, the client and server principals can authenticate by proving knowledge 

of the key contained within the ticket. A Kerberos "administrative realm" ... 

S pecifying security protocols and policy constraints in distributed s ystems 

US Pat. 6216231 - Filed Apr 25, 1997 - AT & T Corp. 

Certificates using public key cryptography enable authentication information ... 
integrity and confidentiality for data sent between the server and client... . 

Method for providing simultaneous parallel secure command execution on multiple remote 
hosts 

US Pat. 7062781 - Filed Dec 21, 2000 - Verizon Laboratories Inc. 

25 This certificate contains the network server's public key and a list of ... 

The Kerberos Initialization Client 780 sends a request for a ticket-granting ... 

Secure data stora g e and retrieval with key mana g ement and user authentication 

US Pat. 6947556 - Filed Aug 21, 2000 - International Business Machines Corporation 
3J The authentication server may also inform the key server and the file server 
... under Kerberos, the user computer forwards the ticket to the file server ... 

Key management protocol and authentication system for secure internet protocol ri ghts 
mana g ement ... 

US Pat. 7243366 - Filed Mar 4, 2002 - General Instrument Corporation 
Another disadvantage of Kerberos is that it does not specify the details of 
performing key management between a client and a server once a ticket is ... 

Specifying security protocols and policy constraints in distributed systems 

US Pat. 6256741 - Filed Oct 1 3, 2000 - AT&T Corp. 

Certificates using public key cryptography enable authentication information ... 
integrity and confidentiality for data sent between the server and client... . 

Coordinatin g user tar get log ons in a sin gle sig n-on (SSO) environment 
US Pat 617851 1 - Filed Apr 30, 1998 - International Business Machines Corporation 
PKM is preferably implemented as a client/server application in a ... of a single 
sign-on system is the 55 network authentication between a single sign-on ... 

S ystem and method for providin g ke y manag ement protocol with client verification of 
authorization 

US Pat. 7231663 - Filed Feb 4, 2002 - General Instrument Corporation 

The TGS server 110 provides an application server service ticket (ST ... 

the authentication service exchange between the client 102 and the AS server 108 ... 

S ystem and a p paratus for stora g e and transfer of secure data on web 

US Pat. 6985953 - Filed Nov 30, 1999 - George Mason University 
Since SSL provides server-to-client authentication (optionally mutual ... 
the Kerberos ticket), or the Sign Cookie (carrying user's digital signature), ... 

Cross-domain access control 

US Pat. 7062654 - Filed Nov 9, 2001 - SRI International 

Such a technique typically employs a public key to encrypt a communication or verify 
... Kerberos is a network authentication protocol developed by MIT (see ... 



Encryption of streaming control protocols and their headers 
US Pat 7237108 - Filed Jun 25, 2002 - General Instrument Corporation 
Request Ticket Granting Ticket from the Authentication Server Reply from ... 
the service ticket Server requests this client to initiate key management Key ... 

Method and system for enablin g content security in a distributed system 

US Pat. 7243226 - Filed Dec 1 1 , 2002 - Valve Corporation 

In other embodiments of the invention, other private key/public key ... may be 

used when encrypting data and/or authenticating a server.clie nt, or user. ... 

End-to end protection of media stream encryption keys for voice-over-IP systems 
US Pat. 6792534 - Filed May 6, 2002 - General Instrument Corporation 
When the server named in the ticket receives this message from the client,.. . 
Also, Kerberos provides a key management solution that avoids the overhead ... 

S ynchronous messa g e control system in a Kerberos domain 

US Pat. 6055639 - Filed Oct 10, 1997 - Unisys Corporation 

In systems designated as Public Key Electronic Crypto- Systems, ... article 

entitled "The Kerberos Network Authentication Service" which was published Sep. ... 

Method and apparatus for purchasing and deliverin g digital g oods over a network ... 

US Pat. 5809144 - Filed Aug 24, 1995 - Carnegie Mellon University 

Instead of using public key cryptography for transaction's status. ... Kerberos 

Ticket Granting Server believes the client's iden- The merchant requests the ... 

Electronic authority server 

US Pat. 6073242 - Filed Mar 19, 1998 - Agorics, Inc. 

10 Public-key or certificate-based signature verification; ... the authority 

server can be coupled to other similar servers via secure network connections. ... 

Teamware server workin g over HTTP/HTTPS connections 

US Pat. 6813641 - Filed Jul 5, 2001 - Sun Microsystems, Inc. 

A "credential" is a security- related attribute such as password, Kerberos ticket, 

public key certificate, and cryptographic key. ... 

Mobile host usin g a virtual sin g le account client and server system for network access and ... 

US Pat. 7069433 - Filed Oct 29, 2001 - AT&T Corp. 

Using the ticket that contains a session key encrypted using two shared ... 

to an access network using a RADIUS server that relays the authentication ... 

Establishin g authenticated network connections 

US Pat. 7069438 - Filed Aug 19, 2002 - Sowl Associates, Inc. 

Client computer 100 and server authentication method used to authenticate client 

... an authentication token, a digital certificate or a 1 Kerberos ticket. ... 

Mobile host usin g a virtual sin g le account client and server system for network access and ... 

US Pat. 6971005 - Filed Oct 23, 2001 - AT&T Corp. 

Using the ticket that contains a session key encrypted using two shared ... 

to an access network using a RADIUS server that relays the authentication ... 

Method and system for providing client privacy when requestin g content from a public server 

US Pat. 6993652 - Filed Oct 5, 2001 - General Instrument Corporation 



Kerberos is an example of a known network authentication protocol that is ... 
to provide authentication for client/server applications by using secret-key ... 

Web simulator 

US Pat. 7143025 - Filed Dec 13, 2002 - Sun Microsystems, Inc. 

Passport is an authentication server developed by Microsoft that provides a ... 

Kerberos Server). Liberty is a federated network identity solution for the ... 

Authentication and authorization in a multi-tier relational database mana g ement system 

US Pat. 6286104 - Filed Aug 4, 1999 - Oracle Corporation 

Client/ Application method 214 allows the application server to connect to the data 
... In one embodiment of the invention, public key encryption (PKE) ... 

Personal key archive 

US Pat. 5495533 - Filed Apr 29, 1994 - International Business Machines Corporation 
JG Steiner, "Kerberos: An Authentication Service For Open Network Systems", ... 
The computing system has an authentication server; a key client; a key ... 

Ex pedited message control for synchronous response in a Kerberos domain 

US Pat. 6175920 - Filed Feb 20, 1998 - Unisys Corporation 

In systems designated as Public Key Electronic Crypto- Systems, ... article 

entitled "The Kerberos Network Authentication Service" which was published Sep. ... 
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Personal key archive 

US Pat. 5495533 - Filed Apr 29, 1994 - International Business Machines Corporation 
A network authentication mechanism, such as Kerberos 10 (reference 8), ... 
Authentication and Key Distribution Service, Proceedings of ESORICS 92, Toulouse, ... 

Intermediate network authentication 

US Pat. 551 1 122 - Filed Jun 3, 1994 - The -United States of America as represented by the Secretary of the Navy 
INTERMEDIATE NETWORK AUTHENTICATION BACKGROUND OF THE INVENTION The ... 15 tion 
to this rule with its development of the Kerberos authentication system. ... 

Electronic information network user authentication and authorization system 

US Pat 5590199 - Filed Oct 12, 1993 - The Mitre Corporation 

3., the system, according to the invention, for authentication of a user ... 

Client Kerberos derives a key from the password and sends it to the smart card. ... 

Yaksha , an improved system and method for securin g communications usin g s plit private 
key ... 

US Pat. 5535276 - Filed Nov 9, 1994 - Bell Atlantic Network Services, Inc. 

Those interested are referred to Kohl, JT and BC Neuman, The Kerberos Network 

Authentication Service", INTERNET RFC 1510, September 1993, for more details. ... 



Method and a p paratus for purchasing and deliverin g digital goods over a ne twork ... 

US Pat. 5809144 - Filed Aug 24, 1995 - Carnegie Mellon University 

may also use Kerberos tickets. The transaction involves several phases, ... 

the customer or merchant may be unaware of the message authentication and ... 

Method for providin g secure remote command execution over an insecure computer network 

US Pat. 5923756 - Filed Feb 12, 1997 - GTE Laboratories Incorporated 

One example of a secret-key based network authentication system is the trusted 

third-party authentication service called Kerberos. ... 

S ystem for increasing the difficulty of password g uessing attacks in a distributed ... 

US Pat. 5491752 - Filed Sep 2, 1994 - Digital Equipment Corporation, Patent Law Group 

KERBEROS: USING A SHARED SECRET KEY FOR TRANSMISSION OF AN AUTHENTICATION "TICKET" 

The well-known Kerberos network environment employs another variation on ... 

Computer-based communication system and method usin g metadata definin g a control 
structure 

US Pat. 5862325 - Filed Sep 27, 1996 - Intermind Corporation 

These include Kerberos 5, developed at 108 An example is authentication using 

... The private key is stored as an element 143 of the authentication service ... 



Networked workstation intrusion detection system 

US Pat 5919257 - Filed Aug 8, 1997 - Novell, Inc. 

Alternatively, it is contemplated that well known password based user authentication 



systems such as Kerberos V4 ROM along with the executable code required ... 

Computer system for securing communications using split private key asymmetric 
crypto g ra phy ... 

US Pat. 5737419 - Filed Jun 7, 1996 - Bell Atlantic Network Services, Inc. 

A uest to authentication service), consists of: private key stored on a 

... "The Kerberos 45 Network Authentication Service", INTERNET RFC 1510, ... 

Dig ital active advertisin g 

US Pat. 5724424 - Filed Nov 29, 1995 - Open Market, Inc. 

"Concept for a Smart Card Kerberos", 1 5th National Computer Security ... Krajewski, 
M. et al, "Applicability of Smart Cards to Network User Authentication", ... 

Method and system for authenticatin g users to multiple computer servers via a single sign- 
on ... 

US Pat. 5684950 - Filed Sep 23, 1996 - Lockheed Martin Corporation 

mcmahon "Sesame V2 Public Key and Authorization Extensions to Kerberos", ... 

computing network can be granted via a single network authentication request 15 ... 

S ystem and method for policy-based inter-realm authentication within a distributed processing 
s ystem 

US Pat. 5544322 - Filed May 9, 1994 - International Business Machines Corporation 

The knowledge of the key is required to use the certificate correctly. ... 

The Kerberos network authentication protocol, as described within The Kerberos ... 

Key mana g ement for network communication 

US Pat. 5825891 - Filed Oct 29, 1997 - Raptor Systems, Inc. 

Kerberos Network Authentication System created under defines one method of providing 
... For a more detailed description of the Kerberos Key 60 Although the ... 

S ystem for providin g secure remote command execution network 
US Pat. 6198824 - Filed May 11, 1999- Verizon Laboratories Inc. 
Networks of networks are One example of a secret-key based network ... Since some 
part of the network may use The Kerberos authentication scheme also is ... 

Multi-party secure session/conference 

US Pat. 5369705 - Filed Jun 3, 1992 - International Business Machines Corporation 

Thus, these existing mecha- Accordingly, this invention provides an adaptive 

nisms will not work connectively in a dynamic network authentication mechanism ... 

Cryptogra phic protocol for secure communications 

US Pat. 5241599 - Filed Oct 2, 1991 - AT&T Bell Laboratories 

The pro- The Kerberos authentication system of mit's appropriate at this time. 

... Open Network System," Proc. Winter guished by a cryptographic key or key. ... 

Method and a p paratus for enhancin g software security and distributing software ... 

US Pat. 5724425 - Filed Jun 10, 1994 - Sun Microsystems, Inc. 

Note that use of RSA [26] in the obvious manner to achieve key exchange similarly 

does not guarantee ... Limitations of the Kerberos authentication system. ... 

Method and apparatus for authenticating a client to a server in computer systems which 
sup port ... 



\ 



US Pat. 5586260 - Filed Feb 12, 1993 - Digital Equipment Corporation 
"Kerberos: An Authentication service of Open Network Systems," Mar. ... 
saves security credentials for the client, returning an access key to the client. ... 

Flexible interface to authentication services in a distributed data processing environment 

US Pat. 5481720 - Filed Sep 14, 1994 - International Business Machines Corporation 
For example, if Kerberos based authentication is being performed, ... This may 
be running on a remote node and hence require network communication. ... 

S ystem and method for single sign-on to a plurality of network elements 
US Pat. 5944824 - Filed Apr 30, 1997 - MCI Communications Corporation 
A secured network architecture for the single sign-on of a user to a plurality of 
... environment key distribution service based on Kerberos authentication ... 

Com puter-based communication s yst em and method usin g metadata definin g a control- 
structure 

US Pat. 6088717 - Filed Aug 31, 1998 - OneName Corporation 

These include Kerberos 5, developed at MIT; SPX, developed by Digital ... 

The private key is stored as an element 143 of the authentication service object ... 

Method and system for changing an authorization password or key in a distributed 
communication ... 

US Pat. 5778065 - Filed Feb 8, 1996 - International Business Machines Corporation 
It should be noted that authentication is against Trojan Horse and ... The given 
key selection rules, or when other transmitted Kerberos system includes a ... 

Auditin g log in activity in a distributed computing environment 
US Pat. 5864665 - Filed Aug 20, 1996 - International Business Machines Corporation 
A TGT is a data structure that contains authentication and Kerberos ticket ... 
the claimed principal's key to decrypt the times- services in the network... . 

Rig hts mana g ement system for digital media 

US Pat 6006332 - Filed Oct 21 , 1997 - Case Western Reserve University 

One type of system is known as Kerberos, which provides a user ID password ... 

As an alternative external authentication, public key certificates— such as ... 

Electronic proof of recei pt 

US Pat. 5509071 - Filed Apr 1, 1994 - Microelectronics And Computer Technology Corporation 
It should be noted that such a key exchange may 59 be as simple as two ... 
1013; Steiner et al., "Kerberos: An Authentication Service for Open Network ... 

Transferring encrypted packets over a public network 

US Pat. 5898784 - Filed Nov 3, 1997 - Raptor Systems, Inc. 

The tunnel indicates the The Kerberos Key Distribution Center components of ... 

Kerberos Network Authentication System created under Multiple tunnels 140, ... 

Single sig n-on (SSO) mechanism personal key mana ger 

US Pat. 6243816 - Filed Apr 30, 1998 - Internationa! Business Machines Corporation 
40 One design consideration of a single sign-on system is the 59 network 
authentication between a single sign-on user and the single sign-on centralized ... 

Method and system for key distribution and authentication in a data communication network 



US Pat. 5539824 - Filed Dec 2, 1994 - International Business Machines Corporation 
20 One such network to be more particularly considered in this ... BC Newman, Jl 
Schiller and JH Saltzer, as the "Kerberos 50 Authentication and ... 

Method for delegatin g access ri g hts through executable access control program without 
delegating ... 

US Pal 5649099 - Filed Jun 4, 1993 - Xerox Corporation 

In step 414 the authentication authentication tickets, one for the initiator, 

which contains tication server AS returns the session key Kc with a ticket ... 

Secure intranet access 

US Pat 6081900 - Filed Mar 16, 1999 - Novell, Inc. 

In both cases, the authentication information is quite vulnerable to theft and 
... with public key/private key encryption software such as PGP software. ... 

Method and a p paratus for distributin g and updating grou p controllers over a wide area 
network ... 

US Pat. 6684331 - Filed Dec 22, 1999 - Cisco Technology, Inc. 

The network 50 101 may be a packet switched network, which supports the Internet 

Protocol (IP). ... Kerberos is a known key based authentication service. ... 

S pecifyin g security protocols and policy constraints in distributed systems 

US Pat. 6216231 - Filed Apr 25, 1 997 - AT & T Corp. 

As noted above, Kerberos is a distributed authentication service that allows ... 
sending data across the network that might allow an attacker or verifier to ... 

Ap paratus and method for remotely executin g commands using distributed computin g 
environment ... 

US Pat. 6148402 - Filed Apr 1, 1998 - Hewlett-Packard Company 

... across the network to the Kerberos authentication security server 13. ... 

This session key is used to encrypt the ticket from the sealed authenticator. ... 

Computer network operatin g with multilevel hierarchical security with selectable common 
trust ... 

US Pat. 5204961 - Filed Jun 25, 1990 - Digital Equipment Corporation 

I 2 COMPUTER NETWORK OPERATING WITH rity are supported by transmitting ... 

verify that both the local computer system and the RSA Public Key authentication, ... 

S ystem and method for secure initial prog ram load for diskless workstations 
US Pat. 5349643 - Filed May 10, 1993 - International Business Machines Corporation 
3, when the authentication server responds with the K2 ticket, 71, ... could be 
inserted which would cause the Kerberos server to send the K2 key to the ... 

Challenge-res ponse authentication and ke y exchang e for a connectionless security protocol 

US Pat. 6377691 - Filed Dec 9, 1996 - Microsoft Corporation 

Another disadvantage of the Kerberos authentication pro- 1 ° toco! is the manner in 

... with little modifications to existing network operating systems. ... 

Centralized authentication, authorization and accountin g server with support for multi ple ... 

US Pat. 6219790 - Filed Jun 19, 1998 - Lucent Technologies Inc. 

To ensure that requests are not responded to by unauthorized hackers on the 

network 102, the AAA server 118 typically sends an authentication key, ... 



Computer-based communication system and method using metadata defining a control- 
structure 

US Pat. 6345288 - Filed May 15, 2000 - OneName Corporation 

These include Kerberos 5, developed at MIT; SPX, developed by Digital ... 

The private key is stored as an element 143 of the authentication service object ... 

Intelligent electronic appliance system and method 

US Pat. 6850252 - Filed Oct 5, 2000 

... (Open network payment system for providing for authentication of payment orders 
... (Synchronous message control system in a Kerberos domain); US Pat. ... 

Method for authenticating a user working in a distributed environment in the client/server 
mode ... 

US Pat. 5841871 - Filed Nov 18, 1996 - Bull SA 

The Kerberos authentication technique is is based on the use of a password known as 
... (RFC 1510 "The Kerberos Network Authentication Service [Version 5]", ... 

One-time lo g on means and methods for distributed computing s ystems 
US Pat. 5241594 - Filed Jun 2, 1992 - Hughes Aircraft Company 
key distribution mechanism. However, this system re- ONE-TIME LOGON MEANS AND 
METHODS ... Unique features of the authentication at the application level, ... 

Authentication method for networks 

US Pat. 5706427 - Filed Jun 27, 1996 - Cadix Inc. 

The verification server maintains a database of valid authentication data, ... 

11 Claims, 6 Drawing Sheets APPLICATION SERVER REQUEST APPLICATION KEY . ... 

Ex pedited message control for synchronous response in a Kerberos domain 

US Pat. 6175920 - Filed Feb 20, 1998 - Unisys Corporation 

It can only be decrypted using that user's "public key". A Kerberos Security 

System is being used as a developing standard for authenticating network users ... 

Mechanism for secure tendering in an open electronic network 

US Pat, 6363365 - Filed Dec 7, 1998 - International Business Machines Corp. 

(See for example JG Steiner, BC Neuman, and Jl Schiller, "Kerberos: 65 Authentication 

service for open network systems," USE NIX Conference Proceedings, ... 

Mechanism and a p paratus for usin g messages to look up documents stored in spaces in a ... 

US Pat. 6643650 - Filed Sep 12, 2000 - Sun Microsystems, Inc. 

Kerberos lets a user request an encrypted "ticket" from an authentication process 

that 10 ... The user's password does not have to pass through the network. ... 

Connection authorizer for controllin g access to system resources 

US Pat. 5506961 - Filed Oct 17, 1994 - International Business Machines Corporation 
Further, the Kerberos authentication model is itself flawed in many respects. 
... each Kerberos server must allocate a unique encryption key to each device. ... 

Method for sharin g secret information and performin g certification in a communication 
s ystem ... 

US Pat. 5708714 - Filed Jul 26, 1995 - Canon Kabushiki Kaisha 

... countermeasure for reducing the danger from authentication server can not be 

relied on because of the cation method for a network called kerberos (see ... 



Server entity that provides secure access to its resources through token validation 
US Pat. 5542046 - Filed Jun 2, 1995 - International Business Machines Corporation 
Further, the Kerberos authentication model is itself flawed in many respects. 
... each Kerberos server must allocate a unique encryption key to each device. ... 

Authentication method to enable servers usin g public key authentication to obtain user- 
dele g ated ... 

US Pat. 6643774 - Filed Apr 8, 1999 - International Business Machines Corporation 
An example of a private key security system is the Kerberos system developed by the 
... Private key systems have a number of drawbacks in 50 an open network ... 
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Electronic information network user authentication and authorization system 

US Pat 5590199 - Filed Oct 12, 1993 - The Mitre Corporation 

Step Ghent Kerberos transfers the portion of the message 10: encrypted using the 

TGS session key to the smart card. Step The smart card decrypts the message ... 

Yaksha , an improved system and method for securin g communications using sp lit private 
key ... 

US Pat. 5535276 - Filed Nov 9, 1994 - Bell Atlantic Network Services, Inc. 
The client using computer 10 45 now constructs Message 5 and sends it to the 
server 50 ... Finally, Kerberos was designed to provide authentication and key- ... 

Method and a p paratus for purchasing and delivering di gital g oods over a network ... 

US Pat. 5809144 - Filed Aug 24, 1995 - Carnegie, Mellon University 

may also use Kerberos tickets. The transaction involves several phases, ... 

the customer or merchant may be unaware of the message authentication and ... 

Personal key archive 

US Pat. 5495533 - Filed Apr 29, 1994 - International Business Machines Corporation 
User authentication should not be confused with message authentication,.. . 
A network authentication mechanism, such as Kerberos 10 (reference 8), ... 

Com puter-based communication system and method usin g metadata definin g a control 
structure 

US Pat. 5862325 - Filed Sep 27, 1996 - lntermind Corporation 

Many cryptographic protocols have been devised to provide authentication of user 

identity and message integrity over data networks. These include Kerberos 5 ... 

Dig ital active advertisin g 

US Pat. 5724424 - Filed Nov 29, 1995 - Open Market, Inc. 

"Concept for a Smart Card Kerberos", 15th National Computer Security ... Krajewski, 
M. et al, "Applicability of Smart Cards to Network User Authentication", ... 

Computer system for securin g communications using split private key asymmetric 
cryptography ... 

US Pat. 5737419 - Filed Jun 7, 1996 - Bell Atlantic Network Services, Inc. 

Only a user who knows Kc will be able to close to a decade of effort, the Kerberos 

authentication decrypt this message to obtain Kc.tgs. The key Kc.tgs is ... 

Intermediate network authentication 

US Pat 551 1 122 - Filed Jun 3, 1994 - The United States of America as represented by the Secretary of the Navy 
Bellovin, Steven M., "Limitations of the Kerberos Authentication System", ... 
steps of: obtaining a network address and a public key of a receiving host; ... 



Method for providin g secure remote command execution over an insecure computer network 

US Pat. 5923756 - Filed Feb 12, 1997 - GTE Laboratories Incorporated 



After receiving the encrypted session key.net work server 300 ... One example of 
a publicly available authentication protocol using timestamps is Kerberos ... 

Flexible interface to authentication services in a distributed data processin g environment 

US Pat 5481720 - Filed Sep 14, 1994 « International Business Machines Corporation 
These message queue facilities are described in the "AIX Operating System Technical 
... For example, if Kerberos based authentication is being performed, ... 

Cryptographic protocol for secure communications 

US Pat. 5241599 - Filed Oct 2, 1991 - AT&T Bell Laboratories 

The pro- The Kerberos authentication system of mit's appropriate at this time. 

... Open Network System," Proc. Winter guished by a cryptographic key or key. ... 

Method and apparatus for enhancing software security and distributing software ... 

US Pat. 5724425 - Filed Jun 10, 1994 - Sun Microsystems, Inc. 

Valid signatures should result from the transformation 20 of a message from a 

message space that is a ... Limitations of the Kerberos authentication system. ... 

S ystem and method for policy-based inter-realm authentication within a distributed processin g 
s ystem 

US Pat. 5544322 - Filed May 9, 1994 - International Business Machines Corporation 
... Kerberos Network Authentication Service (please refer to the Kerberos Network 
Authentication Service (V5) reference noted above), which uses secret-key ... 

Method and system for changing an authorization password or key in a distributed 
communication ... 

US Pat. 5778065 - Filed Feb 8, 1996 - International Business Machines Corporation 
It should be noted that authentication is against Trojan Horse and ... This second 
message contains at least an accept/ However, the Kerberos ... 

Com puter-based communication system and method using metadata defining a control- 
structure 

US Pat. 6088717 - Filed Aug 31, 1998 - OneName Corporation 

These include Kerberos 5, developed at MIT; SPX, developed by Digital ... 

The private key is stored as an element 143 of the authentication service object ... 

S ystem for increasing the difficulty of password g uessin g attacks in a distributed ... 
US Pat. 5491752 - Filed Sep 2, 1994 - Digital Equipment Corporation, Patent Law Group 
3 is a data flow diagram of a public key authentication transaction; FIG. 4 is 
a data flow diagram of an authenticated Kerberos network environment; FIG. ... 

Networked workstation intrusion detection system 

US Pat. 5919257 - Filed Aug 8, 1997 - Novell, Inc. 

Preferably, only the identification and authentication modules are signed, ... 
a message to the workstation that the user properly logged onto the network ... 

Computer network operating with multilevel hierarchical security with selectable common 
trust ... 

US Pat. 5204961 - Filed Jun 25, 1990 - Digital Equipment Corporation 
Thus, each message has an associated label denot- ity of the transmitted ... 
that both the local computer system and the RSA Public Key authentication, ... 



Electronic proof of receip t 

US Pat. 5509071 - Filed Apr 1, 1994 - Microelectronics And Computer Technology Corporation 
There are myriad authentication protocols known in the art and based on either 
conventional private key systems, such as mit's Kerberos, or public key ... 

A pparatus and method for remotely executing commands using distributed computin g 
environment ... 

US Pat. 6148402 - Filed Apr 1, 1998 - Hewlett-Packard Company 

... the message 24 is sent across the network to the Kerberos authentication ... 

from the message in the Kerberos database and obtains the encryption key ... 

S ystem for providin g secure remote command execution network 
US Pat. 6198824 - Filed May 1 1, 1999 - Verizon Laboratories Inc. 
The authentication protocol preferably also produces a session key that is known 
only to 5 client 200 and network server 300 and which can be used to ... 

Method and a p paratus for distributin g and updatin g group controllers over a wide area 
network ... 

US Pat. 6684331 - Filed Dec 22, 1999 - Cisco Technology, Inc. 

The group members then decipher the encrypted message to determine 45 each others' 
public keys. ... Kerberos is a known key based authentication service. ... 

Mechanism and a p paratus for usin g messa g es to look up documents stored in spaces in a ... 

US Pat. 6643650 - Filed Sep 12, 2000 - Sun Microsystems, Inc. 

Kerberos lets a user request an encrypted "ticket" from an authentication ... 

corresponding public key in the encrypted message to substantially ensure that ... 

Com puter-based communication system and method usin g metadata definin g a control- 
structure 

US Pat. 6345288 - Filed May 15, 2000 - OneName Corporation 

These include Kerberos 5, developed at MIT; SPX, developed by Digital ... 

The private key is stored as an element 143 of the authentication service object ... 

Ex pedited messa g e control for synchronous response in a Kerberos domain 

US Pat. 6175920 - Filed Feb 20, 1998 - Unisys Corporation 

An example of this would be the network where a message holding box has a single 
... Kerberos authentication is based on "passwords" and does not involve ... 

Intelligent electronic appliance system and method 

US Pat. 6850252 - Filed Oct 5, 2000 

... (Open network payment system for providing for authentication of payment orders 
... (Synchronous message control system in a Kerberos domain); US Pat. ... 

Single sig n-on (SSO) mechanism personal key mana g er 

US Pat. 6243816 - Filed Apr 30, 1998 - International Business Machines Corporation 
40 One design consideration of a single sign-on system is the 59 network 
authentication between a single sign-on user and the single sign-on centralized ... 

Multi-party secure session/conference 

US Pat. 5369705 - Filed Jun 3, 1992 - International Business Machines Corporation 

Thus, these existing mecha- Accordingly, this invention provides an adaptive 

nisms will not work connectively in a dynamic network authentication mechanism ... 
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Challenge-response authentication and key exchan g e for a connectionless security protocol 

US Pat. 6377691 - Filed Dec 9, 1996 - Microsoft Corporation 

Another disadvantage of the Kerberos authentication pro- 1° tocol is the manner 

... the session key, the client CR component encrypts a message containing a ... 

Messa g e control system for mana ging messa g e response in a kerberos environment 

US Pat. 6003136 - Filed Jun 27, 1997 - Unisys Corporation 

An example of this would be the network where a message holding box has a single 
... Kerberos authentication is based on "passwords" and does not involve ... 

O pen network pa yment system for providing for authentication of payment orders based on 

a ... 

US Pat. 6049785 - Filed Mar 2, 1998 - Open Market, inc. 

Krajewski, M.; "Smart Card Augmentation of Kerberos"; Privacy and Security Research 
Group Workshop on Network and Distributed System Security; Feb., 1993. ... 

S ystem and method for negotiating security services and algorithms for communication across 

a ... 

US Pat. 5784566 - Filed Jan 1 1, 1996 - Oracle Corporation 

Other networks, and users may sometimes be able to specify aa Kerberos server; 

... most network systems do not In physical-device-assisted authentication,.. . 

Authentication method for networks 

US Pat. 5706427 - Filed Jun 27, 1996 - Cadix Inc. 

11 Claims, 6 Drawing Sheets APPLICATION SERVER REQUEST APPLICATION KEY . ... 
REQUEST (MESSAGE ID, ENCRYPTION KEY ENCRYPTION KEY) (KEY DATA, MESSAGE ID, ... 

Method and apparatus for extendin g existing database management system for new data 
ty pes ... 

US Pat. 5794250 - Filed Apr 18, 1997 - NCR Corporation 

The authentication system employed is based on the KERBEROS system. ... of the TGT. 
the network address of the client 220, and a random session key... . 

S ynchronous message control system in a Kerberos domain 

US Pat. 6055639 - Filed Oct 10, 1997 - Unisys Corporation 

An example of 35 this would be the network where a message holding box has a single 
... Kerberos authentication is based on "passwords" and does not involve ... 

Non pre-authenticated kerberos logon via asynchronous messa g e mechanism 

US Pat. 7024692 - Filed Jan 21 , 2000 - Unisys Corporation 

An example of 40 this would be the network where a message holding box has a ... 
Kerberos authentication is based on "passwords" and does not involve ... 

Method for authenticatin g a user workin g in a distributed environment in the client/server 
mode ... 

US Pat. 5841871 - Filed Nov 18, 1996 - Bull S.A. 

The Kerberos authentication technique is is based on the use of a password ... 
password OTP received) while the decryption key of the response message from ... 

Controllin g passa g e of packets or messages via a virtual connection or flow ... 

US Pat. 5828846 - Filed Nov 22, 1995 - Raptor Systems, Inc. 

Kerberos Network Authentication Service (V5), Digital Equipment Corporation, ... 



In connection with processing a packet or message that triggers a step in ... 

Method and apparatus for parallel execution of user-defined functions in an object-relational ... 

US Pat. 5754841 - Filed Oct 20, 1995 - NCR Corporation 

The authentication system employed Is based on the KERBEROS system. ... the network 
address of the client 220, and a random session key. ... 

Authentication method to enable servers using public key authentication to obtain user- 
dele g ated ... 

US Pat. 6643774 - Filed. Apr 8, 1999 - International Business Machines Corporation 
To use a key pair for authentication, the message originator digitally signs ... 
The Kerberos system alone, however, is not appropriate for a public network ... 

Method and apparatus for extendin g a database mana g ement system to operate with diverse 
obj ect ... 

US Pat. 5864843 - Filed Oct 20, 1995 - NCR Corporation 

The authentication system 40 employed is based on the KERBEROS system. ... 
of the federated coordinator 206, the lifetime of the TGT, the network address ... 

Method and apparatus for extendin g a relational database mana g ement system usin g a 
federated ... 

US Pat. 5873083 - Filed Oct 3, 1997 - NCR Corporation 

The authentication system 40 employed is based on the KERBEROS system. ... 
the network address of the client 220, and a random session key... . 

Connection authorizer for controllin g access to system resources 

US Pat. 5506961 - Filed Oct 17, 1994 - International Business Machines Corporation 
Further, the Kerberos authentication model is itself flawed in many respects. 
... it must understand that it needs to use its key to decrypt the message ... 

As ynchronous messa g e system for menu-assisted resource control program 

US Pat, 6009175 - Filed Jun 27, 1997 - Unisys Corporation 

An example of this would be the network where a message holding box has a single 
... Kerberos was designed to provide authentication and key-exchange, ... 

Server entity that provides secure access to its resources throu g h token validation 

US Pat. 5542046 - Filed Jun 2, 1995 - International Business Machines Corporation 
Further, the Kerberos authentication model is itself flawed in many respects. 
... it must understand that it needs to use its key to decrypt the message 

S ystem and method for authentication in a mobile communications system 

US Pat. 7003282 - Filed Jun 24, 1999 - Nokia Corporation 

If it does, it will generate Kerberos is a system intended for authentication of 

net- a random connection-specific key Kc tgs, which will be used work users ... 

Trusted construction o f messag e endpoints in a distributed computin g environment 

US Pat. 6792466 - Filed Sep 12, 2000 - Sun Microsystems, Inc. 

In one embodiment, the authentication ere- with its private key... . is 45 a 

service in a computer network.K erberos lets a user request transport over ... 

Method and apparatus for mana ging shared data using a data surrogate and obtainin g cost ... 

US Pat. 5689698 - Filed Oct 20, 1995 - NCR Corporation 



The authentication system employed is based on the KERBEROS system. ... the network 
address of the client 220, and a random session key. .... 

Centralized authentication , authorization and accountin g server with support for multiple ... 

US Pat. 6219790 - Filed Jun 19, 1998 - Lucent Technologies Inc. 

To ensure that requests are not responded to by unauthorized hackers on the 

network 102, the AAA server 118 typically sends an authentication key, ... 

Securin g E-mail communications and encrypted file storage usin g yaksha split private key ... 

US Pat. 5748735 - Filed Jun 7, 1996 - Bell Atlantic Network Services, Inc. 

1994 for Y. Yacobi and R. Ganesan Network Authentication Service", INTERNET RFC 

... Kerberos Network Authentication Service". INTERNET is assumed that key ... 
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